Commentary

Ghostery CEO Calls Out Google, Microsoft For 'Redirecting Attention' Away From Privacy

A recent report from the Irish Council for Civil Liberties calls out real-time bidding (RTB) as the “biggest data breach ever recorded,” because it tracks and shares what people view online and their real-world location 294 billion times in the U.S. and 197 billion times in Europe daily.

IAB Europe estimates that the value of the RTB market in 2021 reached $81 billion in the U.S., and $26 billion in Europe in 2019.

Google gets most of the attention when it comes to privacy, but Microsoft dramatically increased its involvement in RTB by acquiring Xandr from AT&T in 2021, according to the report.

“When it became super obvious that cigarettes cause cancer, the tobacco industry did things to redirect the attention, though they continued to sell cigarettes,” said Jean-Paul Schmetz, CEO at Ghostery and chief scientist at parent company Hubert Burda Media. “They make announcements, but do not change the core.”

advertisement

advertisement

Schmetz, who began building websites in the 1990s, spoke with Data & Programmatic Insider about privacy laws and data tracking.

Highlighting the report, he discussed the website Ghostery manages called WhoTracksMe, and spoke briefly about how privacy engines need to drop certain requirements if they want to work with Microsoft. 

Website builders are responsible in terms of putting these trackers on the site.

The number of trackers has grown over time. In the mid-2000s, the company began to get dozens of requests per page. Schmetz started a search engine company in 2008, which needed a lot of data.

“We wanted to acquire data about the web, not about users, and kept finding massive amounts of data about users for sale,” he said. “When we launched a search engine and browser in Germany, we wanted to build a browser that didn’t track you, because we saw the data and didn’t want to be part of that dataset.”

In 2020, Johnny Ryan, senior fellow at the Irish Council for Civil Liberties and the Open Markets Institute, spoke with eMarketer principal analyst at Insider Intelligence Nicole Perrin to discuss real-time bidding and consumer data privacy. At that time, the ad industry recognized that RTB presented challenges with personal data protection. Not much has changed, especially in the U.S.

Today, on average, a person in the U.S. has their online activity and location exposed 747 times every day by RTB-related media, according to the report.

In Europe, RTB exposes people’s data 376 times a day. Europeans and U.S. Internet users’ private data is sent to firms worldwide, including to Russia and China, without any means of controlling what is done with the data.

The report states that RTB media generated more than $117 billion in the U.S. and Europe in 2021.

A person in Colorado has their online activity and location exposed 987 times per day -- the most of any state in the U.S. The District of Columbia has the least amount of data exposures, at 486 times per day. People in the U.S. have their online activity and location exposed 57% more often than people in Europe.

About 1,058 companies in Europe and 4,698 companies in the United States are allowed by Google to receive RTB data, which includes companies in Russia and China, per the report. For example, Google sends 19.6 million pieces of information about German internet users’ online behavior every minute they are online.

Schmetz said “if you look at Google FLOC and Microsoft Parakeet, and other client-side targeting criteria, it just contradicts what they actually do. It’s just smoke and mirrors,” despite providing a dashboard to view and change targeting topics and preferences. “The reality conflicts with the announcement. … They remove the data from competitors, but not from themselves.”

Schmetz pointed to Google’s pursuit of the Manifest V3 update to Chrome, which he believes will effectively break extensions that provide anti-tracking and ad-blocking services to users because it will restrict the capabilities of web extensions.

Ghostery’s browser tool prevents sites from collecting the data and transferring it to Google, Microsoft and other sites.

Years ago, Ghostery also built a website called WhoTracksMe that allows people to learn about tracking technology and see the percentage of trackers each site uses. It ranks the top 932 most prevalent trackers by popularity and by company.

The website enables people to search on media companies such as CNN.com to discover the average number of tracking requests per page load. In CNN.com’s case, on average, the average number is 21. It also lists the names of companies that receive a signal of a person’s visit to the site.

The main purpose of the Ghostery extension is to make invisible consumer data leaks visible. Most are hidden from the user, according to Schmetz. The second purpose is to allow consumers to block the data leaks if they don’t want to share the information.

Next story loading loading..